Enhanced Security and Risk Mitigation in Today’s World
November 15, 2019
By Rebecca Keeney
Say you’re the CFO of a local, 75-person construction company. Workers go about their daily tasks and the business is running as usual. You receive email correspondence from one of your long-time employees, and suddenly this is the beginning of a financial and operational downturn courtesy of cybercrime called “ransomware.” Unfortunately, situations such as these are all too commonplace in today’s world of business, e-commerce and technology-driven transactions.
At the 2019 Florida Business Summit, EisnerAmper moderated a discussion on those threatening situations along with remedial actions companies can take. The panel featured speakers Ricardo Arias, Miami Beach detective and member of the Secret Service’s Electronic Crimes Task Force; Brandon Bowers, CEO of ZenTek Data Systems; and Robert Horn, lead cyber-placement broker and assistant VP of Alliant Management & Professional Solutions.
Many threats exist in the business world, with ransomware being a recurrent one. Ransomware allows cyber criminals to hold users’ data hostage until the user pays a sum of money. Currently, this ransom is commonly demanded in Bitcoin or other crypto currency. As Ricardo discussed, the threat is particularly dangerous as there “are many flavors” of this harmful software, and users are unaware the criminal has established a foothold in their network. This undetected foothold is then used to encrypt a company’s data, where payment is demanded for the data’s release.
Fortunately, there are steps companies can take to avoid cybercrime entanglement, therefore avoiding loss of funds and preventing revenue stream disruption. According to Brandon, the number one prevention measure businesses “should do, but don’t, is training employees.” This was reiterated by EisnerAmper, reminding the audience that employees can be a company’s greatest asset or greatest weakness.
One might wonder which concrete steps businesses should take to ensure CEOs, CFOs, directors and employees create a robust cyber-security platform. As Brandon and EisnerAmper expressed, training employees is one of the best ways to protect businesses. Companies can send out test emails, mimicking different types of cybercrime, in order to increase awareness and the ability to sniff out harmful emails.
Another critical addition to creating cybercrime defenses is an insurance policy protecting businesses against loss. According to Robert, the key lies in working closely with brokers to make sure the policy is clear, correct, comprehensive and aligned with the company’s concerns.
Cybercrime has plagued business of all scopes and sizes for years, but it has become increasingly harmful. As Robert explained, 20 years ago companies were looking at up to $50,000 in losses. Now, they could face a six or seven figure amount in extortion. This sum of money will negatively impact any business. However, smaller business are often hit harder. This is due to the difficulties faced in quickly restoring processes as well as withstanding the loss of revenue due to halted operations.
As the cybersecurity and risk mitigation discussion came to a close, panelists were asked to impart one principle upon both the audience and readers. All three panelists conveyed a common message to the 2019 Florida Business Summit, businesses must enlist everyone, from the top down, to protect against cybersecurity threats and create a safe, profitable business.